Re: port 2112

["J. Lambrecht" <jl_post () pandora be>]

check in portlists for possible trojans at that portnbr., as i remember
kerberos is somehow attracting attention to one of it's port. Ehr, thought
this had something to do with LDAP or some other similarlylike service.
Verify wich services there are running at your host wich is initiating (?)
the connections. Eventually verify these with reliable service activity on
the machine itself.

Do you mean you have no way of doing 'netstat -a' or something ?

----- Original Message ----- 
From: <Dean_Larson () May-Co com>
To: <security-basics () securityfocus com>
Sent: Wednesday, August 06, 2003 8:12 PM
Subject: port 2112


> we have a computer trying to contact a computer on the internet 66.7.244.x
> on port 2112 /tcp.  we've looked at the computer inside our network, but
> didn't find anything unusual (but we were not able to do a lot of snooping
> on the computer -- politics).  i did a google search on found a few
> programs running on this port, mostly kerberos related.  anyone seen this
> type of activity also?  suggestions?
>
> thanks for your help
>
>
>
>
> --------------------------------------------------------------------------
-
> --------------------------------------------------------------------------
--
>


---------------------------------------------------------------------------
----------------------------------------------------------------------------